EC COUNCIL-Certified Security Analyst

As a part of information gathering, you are given a website URL and asked to identify the operating system using passive OS fingerprinting. When you begin to use p0f tool and browse the website URL, the tool captures the header information of all the packets sent and received, and decodes them. Which among the decoded request/response packets hold the operating system information of the remote operating system?

The Finger service displays information such as currently logged-on users, email address, full name, etc. Which among the following ports would you scan to identify this service during a penetration test?

Stuart has successfully cracked the WPA-PSK password during his wireless pen testing assignment. However, he is unable to connect to the access point using this password. What could be the probable reason?

Veronica, a penetration tester at a top MNC company, is trying to breach the company's database as a part of SQLi penetration testing. She began to use the SQLi techniques to test the database security level. She inserted new database commands into the SQL statement and appended a SQL Server EXECUTE command to the vulnerable SQL statements. Which of the following SQLi techniques was used to attack the database?

Christen is a renowned SQL penetration testing specialist in the US. A multinational ecommerce company hired him to check for vulnerabilities in the SQL database. Christen wanted to perform SQL penetration testing on the database by entering a massive amount of data to crash the web application of the company and discover coding errors that may lead to a SQL injection attack. Which of the following testing techniques is Christen using?

Fred, who owns a company called Skyfeit Ltd., wants to test the enterprise network for presence of any vulnerabilities and loopholes. He employed a third-party penetration testing team and asked them to perform the penetration testing over his organizational infrastructure. Fred briefed the team about his network infrastructure and provided them with a set of IP addresses on which they can perform tests. He gave them strict instruction not to perform DDoS attacks or access the domain servers in the company. He also instructed them that they can carry out the penetration tests even when the regular employees are on duty since they lack the clue about the happenings. However, he asked the team to take care that no interruption in business continuity should be caused. He also informed the penetration testing team that they get only 1 month to carry out the test and submit the report. What kind of penetration test did Fred ask the third-party penetration testing team to perform?

Frank is performing a wireless pen testing for an organization. Using different wireless attack techniques, he successfully cracked the WPA-PSK key. He is trying to connect to the wireless network using the WPA-PSK key. However, he is unable to connect to the WLAN as the target is using MAC filtering. What would be the easiest way for Frank to circumvent this and connect to the WLAN?

James is a security consultant at Big Frog Software Pvt Ltd. He is an expert in Footprinting and Social engineering tasks. His team lead tasked him to find details about the target through passive reconnaissance. James used websites to check the link popularity of the client's domain name. What information does the link popularity provide?

Nick is a penetration tester in Stanbiz Ltd. As a part of his duty, he was analyzing the network traffic by using various filters in the Wireshark tool. While sniffing the network traffic, he used "tcp.port==1433" Wireshark filter for acquiring a specific database related information since port number 1433 is the default port of that specific target database. Which of the following databases Nick is targeting in his test?

You are enumerating a target system. Which of the following PortQry commands will give a result similar to the screenshot below: